package sernet.verinice.encryption.impl.util;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.NoSuchProviderException;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import org.apache.log4j.Logger;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:sernet/verinice/encryption/impl/util/CertificateUtils.class */
public class CertificateUtils {
    private static final Logger LOG = Logger.getLogger(CertificateUtils.class);

    static {
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }

    public static X509Certificate loadX509CertificateFromFile(File file) throws IOException, CertificateNotYetValidException, CertificateExpiredException, CertificateException {
        if (!file.exists()) {
            String str = "The given file \"" + file + "\" does not exist.";
            LOG.error(str);
            throw new IOException(str);
        }
        if (!file.canRead()) {
            String str2 = "The given file \"" + file + "\" cannot be read.";
            LOG.error(str2);
            throw new IOException(str2);
        }
        try {
            Certificate generateCertificate = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME).generateCertificate(new FileInputStream(file));
            if (generateCertificate == null) {
                String str3 = "The given file \"" + file + "\" does not contain a X.509 certificate.";
                LOG.error(str3);
                throw new CertificateException(str3);
            }
            if (generateCertificate.getType().equalsIgnoreCase("x.509")) {
                X509Certificate x509Certificate = (X509Certificate) generateCertificate;
                x509Certificate.checkValidity();
                return x509Certificate;
            }
            String str4 = "The certificate contained in the given file \"" + file + "\" is not a X.509 certificate.";
            LOG.error(str4);
            throw new CertificateException(str4);
        } catch (NoSuchProviderException e) {
            LOG.error("Certificate provider not found.", e);
            throw new RuntimeException("Certificate provider not found.", e);
        }
    }
}
